<?php

$username = $_POST['username'];
$password = $_POST['password'];

include("opendb.php");
include("functions.php");
include("../accounts/common/functions.php");
$res = isValidUser($username,$password);
if($res!=1) {
echo "$username = $password";
exit;
}

$ListingID = $_POST['listing_id'];

	$uploadpath = "../listing_images/"; 
    $source = $HTTP_POST_FILES['image']['tmp_name']; 

    $dest = ''; 
	$filename='';

    if ( ($source != 'none') && ($source != '' )) { 

        $imagesize = getimagesize($source); 
		$imagetype = $imagesize[2];
        switch ( $imagesize[2] ) { 

            case 0: 

//                echo '<BR> Image is unknown <BR>'; 
                break; 

            case 1: 
//                echo '<BR> Image is a GIF <BR>'; 
                $dest = uniqid('img').'.gif'; 
                break; 
             
            case 2: 
//                echo '<BR> Image is a JPG <BR>'; 
                $dest = uniqid('img').'.jpg'; 
                break; 
             
            case 3: 
 //               echo '<BR> Image is a PNG <BR>'; 
                //$dest = uniqid('img').'.png'; 
                break; 

        } 

        if ( $dest != '' ) { 

            if ( move_uploaded_file( $source, $uploadpath.$dest ) ) { 
				chmod($uploadpath.$dest, 0644);
				//CreateThumbnail($source,$outputfile,$size)
				CreateThumbnail($uploadpath.$dest,$uploadpath."t_".$dest,100);
				CreateResizeWidth($uploadpath.$dest,$uploadpath."resize_".$dest,400);
				CreateResizeWidth_matt($uploadpath.$dest,$uploadpath."vt_".$dest,510,350);
				
				//check to see if there is a main photo
				$csql = "Select * from Listing_Images where Main_Photo = '1' and Type = 'IMAGE' and Listing_ID = '".$ListingID."'";
				$cresult = mysql_query($csql) or die ("SQL Error".mysql_error());
				$crow=mysql_fetch_assoc($cresult);
				
				//if there is not a mainphoto we make this photo the main photo
				if(mysql_num_rows($cresult) === 0)
				{
				$mainphoto = '1';
				}
				else
				{
				$mainphoto = '0';
				}
				
				$query = "Insert into Listing_Images(Server_Path, Path, Date_Created, Category, Owner, Listing_ID, Area, Main_Photo)Values('http://www.realivent.com/listing_images/', '".$dest."','".date('Y-m-d H:i:s')."',0,'".getOID($username)."','".$ListingID."', '".$_POST['area_id']."', '".$mainphoto."')";
				//echo $query;
				mysql_query($query) or die(mysql_error()); 
				$message="2";

            } else { 
				$message="-1";
				
            } 

        }  

    } else { 

	        $message="-2";
			
    		}
			
//end of function

echo $message;



?>